Restricted Advanced Shell - examples of challenges

Hi Community contributors,

Starting with Sophos Firewall v19, with the addition of many comprehensive logging enhancements in the GUI, and in line with industry best practices, access to the Advanced Shell is restricted to licensed commercial versions of the product.

Partners and certified architect engineers have an option with a Not-for-Resale license to set up labs or customer PoCs with an unrestricted Advanced Shell. Also, Sophos Support is able to access the Advanced Shell via the support access channel. Hence, in case of critical issues, support can still access it.

Sophos Firewall has been incrementally improved since v18 with comprehensive logging enhancements in the GUI (better search, filtering, configurations, SD-WAN logs, VPN logs, gateway logs etc.). However, we acknowledge that the Advanced Shell restriction might have created challenges in certain database-related configurations, especially for home users.

Please help us understand the specific examples of challenges you face due to this restriction - configurations where GUI and console tools are reaching the limits. We will suggest the possible workaround for the specific scenario. We will also plan and gradually improve the product for those scenarios.

Sincerely,

Sophos Firewall Product Team

  • I am a partner. Since UTM the Home version was a good reason for many to check out Sophos firewall products in detail and I'm sure Sophos won many customers and partners just because of this version no one else offers. Sure, as a partner we get NFR licenses for our own firewall, but do I want to tinker around with our production network? No.  wrote that the support could still access the shell, but how should I interpret this? That the support is starting to actively support home users? Really?!

    I don't see the point in all of this, except you'd tell me right now that Sophos has some clear evidence that the Home version is used commercially in a bigger scale, which I can't imagine is the case, but who knows?

    If you would supply your partners and customers with an easy way to get NFRs for virtual devices, I'd probably be happy and leave you alone with this, though I still don't get the point.

  • There is nothing in GUI log about SSL VPN. Only the creation of cert file at time of export from user portal. I can see correct port in/out in pcap. Looks something like what is running on the v18.

  • Essentially Sophos as a company can still access the appliance in case of bug tracking or something. For example, a Home user discovers a bug in V19.0 and wants to report it. DEV can access the appliance and investigate this issue via SupportAccess. 

    From my point of view as the most active person in the community by far (see leader board), the advanced shell is not needed in the majority of "threads". Simply because the product is in a state of having a simple UI to get the most common issues configured or debugged via GUI. And I am talking about a new installation / configuration of a home appliance. Most home users have an average use case of simple setups. And most likely, if you look at the threads by home users, there are certain configuration issues, which do not need any interaction with the CLI. Most likely if I point to "do a packet capture" they are most comfortable with the packet capture in the GUI.

    Sophos Product management wants to gather open spots of still use cases, which the product does not cover (today). 

    There are valuable contributions to this thread already. 

    There are currently two different programs for Partners. The partner as an organisation can get NFR licenses for its own organisation. For example for the Firewall of the partner. Then there is a program for the education. If you are a Sophos Architect (you did the training and certification) you can get all Sophos products (and a 3 year Sophos Firewall subscription) for your own environment.

    __________________________________________________________________________________________________________________

  • Dropped by policy basically means the spam engine did drop it. You can refer to this on the CLI, if you like. But we will pick this up, why the dropping does not contain the SMTP context.

    __________________________________________________________________________________________________________________

  • Please create your own thread in the Community to get this investigated further.

    __________________________________________________________________________________________________________________

  • Currently there is no workaround of "downloading" the Wireshark dump. You can still do a packet capture on CLI (console) and on GUI.

    But apparently there is no download of this dump. 

    Just out of curiosity: If you look at the packet capture of the Webadmin: What use cases do you miss there to resolve your issues beside a download capability for Wireshark? 

    __________________________________________________________________________________________________________________

  • You cannot compare at all the WebUI packet capture viewer compared to opening the pcap with Wireshark.

    You're a Sophos Employee, you should already know the limits and challenges of using the Firewall WebUI by now.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

  • I know what I can do in the webadmin and most likely it should be sufficient for XX % of the home users. I mean, I am interacting with Sophos Customers the entire day. And most of them use the webadmin packet capture. Simply because they do not use the CLI in the first place. They simply want to know the following:

    Is there a packet?
    Which interface is used?
    Which Firewall rule is used?
    Is NAT being used? 

    The more advanced troubleshooting like looking into Header, checking TLS handshakes is not being done by the average user. And I am assuming home users are doing the same.

    BTW: You can do the same just not "graphical". You see the HEX dump of a packet. Means you could translate this into a dump, if you really want. 

    __________________________________________________________________________________________________________________
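The hex-to-dump translation mentioned in the post above, as an added example that is not part of the thread and not Sophos tooling: it wraps hex bytes copied from a packet view in the classic pcap file format so Wireshark can open them. It assumes the pasted text contains only hex byte pairs (no offset or ASCII columns) and starts at the Ethernet header; the sample frame and the output file name are constructed for illustration.

```python
import re
import struct

PCAP_MAGIC = 0xA1B2C3D4    # classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1      # assumption: the hex starts at the Ethernet header

# Constructed sample: a 42-byte ARP request using documentation addresses.
SAMPLE_HEX = """
ff ff ff ff ff ff 02 00 00 00 00 01 08 06 00 01
08 00 06 04 00 01 02 00 00 00 00 01 c0 00 02 01
00 00 00 00 00 00 c0 00 02 02
"""

def hex_to_bytes(dump):
    """Convert pasted hex (whitespace or ':' separated) into raw bytes."""
    cleaned = re.sub(r"[\s:]", "", dump)
    if not re.fullmatch(r"(?:[0-9a-fA-F]{2})+", cleaned):
        raise ValueError("input must contain whole hex bytes only")
    return bytes.fromhex(cleaned)

def build_pcap(packets, linktype=LINKTYPE_ETHERNET, snaplen=65535):
    """packets: iterable of (ts_sec, ts_usec, frame_bytes) tuples."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype
    out = bytearray(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0,
                                snaplen, linktype))
    for ts_sec, ts_usec, frame in packets:
        captured = frame[:snaplen]
        # Record header: timestamp, captured length, original length
        out += struct.pack("<IIII", ts_sec, ts_usec, len(captured), len(frame))
        out += captured
    return bytes(out)

if __name__ == "__main__":
    frame = hex_to_bytes(SAMPLE_HEX)
    with open("from_hexdump.pcap", "wb") as fh:
        fh.write(build_pcap([(0, 0, frame)]))
    print(f"wrote 1 packet, {len(frame)} bytes")
```

Wireshark's own `text2pcap` utility does the same job for hex dumps that include an offset column.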

  • Downloading Logfiles (as described in https://support.sophos.com/support/s/article/KB-000035842) should still be possible.
    When you need to have a deeper look into (older) logfiles for analysis.

    What about integrating full logfile-download and archive in GUI? As available in UTM/SG?